The reasons to worry about the connected car: Security and privacy issues

The "Internet of Things" is one of those catch-all terms that has become one of the latest buzzwords to be bandied about hither and thither. It is often used to conjure up images of an online oven, connected kettles and web-enabled waffle makers, and is referred to as something that is yet to be. So used is this term, that it's easy to forget that it's something that already exists – just ignore the absurd name and you simply have a collection of devices that connect to the Internet for a variety of reasons. But having any device connected to the Internet has advantages and disadvantages, and this is something that security experts AVG recognise only too well.

Take cars for instance. Things have advanced in leaps and bounds in recent years, to the point that the traditional key is no longer needed, and apps can be used to check vehicle stats – who needs dials and in-car displays, eh? Just as owning a car has changed dramatically in the past couple of decades, so has the problem of car security. Numbered are the days of a brick through the window, a screwdriver or coat hanger slipped down the side of the window, and touching together a couple of wires to make a getaway in just a few minutes.

Cars are now incredibly computer-heavy, and while this initially led to an increase in security and user-friendliness, it also led to a new breed of car thief. The computers used to add all manner of fancy features to new vehicles also serve as new points of entry for the technically minded thief for whom the prizes are ever more valuable. "Connected vehicles" are just as at risk as less technically advanced cars, and they’re a problem that’s likely to get worse as time marches on.

In a post on the AVG blog, Tony Anscombe – AVG's "Senior Security Evangelist" – points out that with a predicted 50 billion connected devices by 2020, it's time to look seriously at vehicular security. He says that while car hacking currently means that it is possible to be relieved of your vehicle by a techno-thief, there's also the potential for something slightly more sinister.

This is not just a matter of security; there is also privacy to consider. As Anscombe points out, the connectivity of cars "potentially gives manufacturers access to data we may consider to be private, whether that's our music and navigation data or more personally, our location, family information and potentially other sensitive information. So the physical loss of the car could in fact be coupled with the loss of personal privacy".

It was, and is, the desktop computer that was the source of concern, and this spread to smartphones as the popularity of handsets increased. Now "cars are becoming the smartphones of the future" as a new generation of drivers expects and demands the same level of connectivity. In US TV shows such as Person of Interest and Intelligence we have seen depictions of the remote control of vehicles, and this is something that AVG is concerned about. "What if car hacks were malicious, and the goal was to meddle with your car’s driver system to adjust the braking, cruise control or steering?" Forget going to fill up with fuel, you may have to pull in to install the latest virus definitions and security updates.

Anscombe says that AVG wants to be at the forefront of working with car manufacturers to develop effective security techniques. But perhaps the way ahead is to realise that there is no need for everything to be connected. Is the Internet of Things being oversold?